<?php
	require_once('paths.inc');
	require_once(INCLUDE_PATH.'constants.inc');
	require_once('page.inc');
	require_once(DB_PATH.'db.inc');
	
	require_once('security.inc');
	require_once('utils.inc');	
	
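	/*
	 * Edit-profile page for the logged-in user.
	 *
	 * POST with 'post_user': copies username / nume / prenume / email from the
	 * request onto the User object kept in $_SESSION['user'] and persists it via
	 * queryUpdate(). No user id is read from the request; the object being
	 * updated comes from the session.
	 * Otherwise: reloads the user with User::queryLoad() and renders the form.
	 *
	 * Everything echoed into HTML is passed through htmlspecialchars(ENT_QUOTES):
	 * the profile fields originate from earlier user input, and
	 * $_SERVER['PHP_SELF'] contains whatever path the client requested.
	 * No charset argument is passed, so PHP's configured default applies.
	 * NOTE(review): pass the page's real charset explicitly once it is confirmed.
	 */
	session_start();
	checkIsLoggedIn();
	html_header(LANG_Edit_User);

	include_js('utils.js');


	if (isset($_POST['post_user'])) {

		// NOTE(review): this is a state-changing POST and no anti-CSRF token is
		// generated or checked anywhere on this page. Add a per-session token to
		// the form and verify it here before touching the account.

		// Plain assignment, matching the other branch; "&db_connect()" assigns a
		// function result by reference, which PHP reports as a notice unless the
		// function is declared to return by reference.
		$db = db_connect();

		// User information. The former reads of $_POST['password'] and
		// $_POST['password2'] were dropped: the form has no such fields and the
		// values were never used.
		$username = $_POST['username'];
		$nume = $_POST['nume'];
		$prenume = $_POST['prenume'];
		$email = $_POST['email'];

		// NOTE(review): server-side validation is still missing. The maxlength
		// attributes in the form are enforced by the browser only; each field
		// should be checked here for being a string, for length against the
		// CT_MAX_*_LENGTH constants, and (email) for format, before it is stored.

		//todo: error checking
		try {
			// A POST sent without a prior visit to the form finds no user object
			// in the session; load it first instead of failing on a null object.
			if (!isset($_SESSION['user'])) {
				$_SESSION['user'] = User::queryLoad($db, $_SESSION['user_logat']->id_user);
			}

			$_SESSION['user']->username = $username;
			$_SESSION['user']->nume = $nume;
			$_SESSION['user']->prenume = $prenume;
			$_SESSION['user']->email = $email;

			$_SESSION['user']->queryUpdate($db);
			echo "Succes";
		}
		catch (QueryLoadUserException $e) {
			// NOTE(review): exception text may carry database detail; consider
			// logging it and showing a generic message instead.
			echo htmlspecialchars((string) $e->getMessage(), ENT_QUOTES);
		}
		catch (QueryUpdateUserException $e) {
			// Escaped because the message may echo back submitted values.
			echo htmlspecialchars((string) $e->getMessage(), ENT_QUOTES);
		}
	}
	else {
		// NOTE(review): already called at the top of the script; kept because its
		// side effects are not visible from this file.
		checkIsLoggedIn();
		$db = db_connect();
		try {
			$_SESSION['user'] = User::queryLoad($db, $_SESSION['user_logat']->id_user);
		}
		catch (QueryLoadUserException $e) {
			// Was var_dump(): debug output replaced by an escaped message.
			// NOTE(review): the form below is still rendered after a failed load.
			echo htmlspecialchars((string) $e->getMessage(), ENT_QUOTES);
		}

?>

<?php output_error_msg(); ?>
  <form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>">
    <?php /* NOTE(review): LANG_Edit_user differs in case from LANG_Edit_User used for the page title and the submit button; confirm both constants exist. */ ?>
    <p> <?php echo LANG_Edit_user; ?> </p>    

    
    <fieldset title="<?php echo LANG_USER_INFORMATION; ?> ">
    	<legend><?php echo LANG_USER_INFORMATION; ?></legend>
	    <table>
	      <tr>
	        <td><?php echo LANG_USERNAME; ?></td>
	        <td><input type="text" size=15 maxlength=<?php echo CT_MAX_USERNAME_LENGTH;?> name="username" 
      				value="<?php echo htmlspecialchars((string) $_SESSION['user']->username, ENT_QUOTES); ?>"></td>
	      </tr>
	      <tr>
	        <td><?php echo LANG_PRENUME; ?></td>
	        <td><input type="text" size=15 maxlength=<?php echo CT_MAX_PRENUME_LENGTH;?> name="prenume" 
      				value="<?php echo htmlspecialchars((string) $_SESSION['user']->prenume, ENT_QUOTES); ?>"></td>
	      </tr>
	      <tr>
	        <td><?php echo LANG_NUME; ?></td>
	        <td><input type="text" size=15 maxlength=<?php echo CT_MAX_NUME_LENGTH;?> name="nume" 
      				value="<?php echo htmlspecialchars((string) $_SESSION['user']->nume, ENT_QUOTES); ?>"></td>
	      </tr>
	      <tr>
	        <td><?php echo LANG_EMAIL_ADDRESS; ?>:</td>
	        <td><input type="text" size=30 maxlength=<?php echo CT_MAX_MAIL_LENGTH; ?> name="email"
	        		value="<?php echo htmlspecialchars((string) $_SESSION['user']->email, ENT_QUOTES); ?>"></td>
	      </tr>
	    </table>
    </fieldset>
    
    <input type="submit" name="post_user" value="<?php echo LANG_Edit_User; ?>">
  </form>

  <?php
	}

	// Emitted on both paths: the POST branch previously ended without the footer
	// even though html_header() had already been sent.
	html_footer();
?>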